Privacy Engineering and Privacy Enhancing Technologies - PETS

Winter semester 2015/2016

Title:Privacy Engineering and Privacy Enhancing Technologies
Type:Lecture with Exercise
Token / Number / Module number:PETS / CS6936.000 / ?
Semester hours / Credits:3L+1E / 6ECTS
Lecturer:

Prof. Dr. Frank Kargl
Dr. Christoph Bösch

Tutor:Henning Kopp
General schedule:

Lecture:
Friday, 10:15 - 11:45 , O27-341; starting 16.10.2015

Exercise:
Wednesday, 2 p.m. - 4 p.m., O28-H21; starting 21.10.2015; different room on 28.10.2015: N25-H9

Learning platform:For the course the e-learning system Moodle is used. Please register here.
Grade bonus:A grade bonus of 0,3 bzw. 0,4 is given if the lab is passed successfully.
Exams:Oral exam by appointment

Description and general information

Integration of module into courses of studies:

Informatik, M.Sc.: Praktische und Angewandte Informatik
Informatik, M.Sc.: Vertiefungsfach IT-Sicherheit
Informatik, M.Sc.: Vertiefungsfach Verteilte Systeme
Informatik, Lehramt: Wahlfach
Medieninformatik, M.Sc.: Kernfach Praktische und Angewandte Informatik
Medieninformatik, M.Sc.: Vertiefungsfach IT-Sicherheit
Medieninformatik, M.Sc.: Vertiefungsfach Verteilte Systeme
Software-Engineering, M.Sc.: Kernfach Praktische und Angewandte Informatik
Software-Engineering, M.Sc.: Vertiefungsfach IT-Sicherheit
Informationssystemtechnik, M.Sc.: Wahlplicht Informatik
Informationssystemtechnik, M.Sc.: Wahlpflicht

Modes of learning and teaching:

Lecture Privacy Engineering and Privacy Enhancing Technologies, 3L (Prof. Dr. Frank Kargl, Dr. Christoph Bösch)
Exercise Privacy Engineering and Privacy Enhancing Technologies, 1E (N.N.)

Module authority:Prof. Dr. Frank Kargl, Dr. Christoph Bösch
Language:English
Turn / Duration:Every winter semester / one semester
Requirements (contentual):Security of IT-Systems
Requirements (formal):None
Learning objectives:

Participants will become familiar with modern privacy engineering. Starting from conducting Privacy Impact Assessments (PIAs) and a privacy risk analysis to designing privacy-friendly architectures all the way to application of privacy strategies and privacy enhancing technologies, the course covers the full lifecycle of privacy-friendly system design. Beyond mere theoretical knowledge, participants will practice their freshly acquired knowledge in many scenarios-based exercises.

Content:

The course briefly summarizes foundations of privacy and data protection as discussed in more depth in module 71126 ("Grundlagen des Datenschutzes und der IT Sicherheit''). Afterwards, it discusses privacy analysis techniques like Privacy Impact Assessments and privacy risk analysis as well as privacy engineering methodologies like the one designed in the European PRIPARE project. This includes privacy strategies, privacy design patterns and many more.
The second part of the lecture then focuses on technical privacy protection discussing different privacy strategies like minimization or hiding, privacy enhancing technologies like attribute-based credentials or group signatures, and also privacy aspects of user interfaces. We also discuss how to measure privacy and evaluate privacy enhancing technolgies for their effectiveness. The technical part also covers techniques like zero knowledge proofs, oblivious RAMs, and private information retrieval, which will be implemented in the exercises.

Literature:Selected literature and online resources
Course assessment and exams:Oral (in case of many participants written) exam at the end of the semester; no further course assessment; grade bonus if lab passed successfully
Grading:Grade of the module exam
Estimation of effort:Active time: 60 h
Preparation and evaluation: 120 h
Sum: 180 h